AMENDMENTS TO THE CLAIMS 

All pending claims are reproduced below: 

1 . (Currently amended) Apparatus for empirically adjusting access to a database, 
said apparatus comprising: 

coupled to the database, a database discovery module configured to determine 
database structure and authorized accesses to the database; 

coupled to the database, a command monitoring module configured to monitor actual 
accesses to the database until a preselected quantity of actual accesses have 
been observed ; and 

coupled to the database discovery module and to the command monitoring module, 
an analysis module configured to compare actual accesses with authorized 
accesses and configured to adjust authorized accesses taking into account 
results of the comparing by changing settings within a database access control 
module to deny future database access to operations by certain users on 
database tables and columns that were previously authorized but not observed 
by the command monitoring module. 

2. (Previously presented) Apparatus of claim 1 further comprising, coupled to the 
database discovery module and to the analysis module, a storage area configured to accumulate 
data generated by the command monitoring module. 

3. (Original) Apparatus of claim 1 wherein the command monitoring module is a 

sniffer. 

4. (Original) Apparatus of claim 1 wherein the database is a relational database 
accessed by a structured query language. 

5. (Currently amended) A computer-implemented method for empirically adjusting 
access to a database, said method comprising the steps of: 

discovering authorized accesses to the database; 
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observing actual accesses to the database until a preselected quantity of actual 

accesses have been observed ; 
comparing actual accesses with authorized accesses; and 

adjusting authorized database accesses taking into account results of the comparing 
step by changing settings within a database access control module of a 
computer-implemented database server to deny future database access to 
operations by certain users on database tables and columns that were 
previously authorized but were not observed during the observing step. 

6. (Currently amended) The method of claim 5 further comprising the step of 
generating and storing at least one third party report based upon observing actual accesses to the 
database. 

7. (Canceled) 

8. (Original) The method of claim 5 wherein the discovering step uncovers any: 
tables of the database; 
columns of the database; 
authorized users of the database; 
views of the database; 
stored procedures of the database; 
user-defined functions of the database; and 
triggers of the database. 

(Previously presented) The method of claim 5 wherein the adjusting step further 
at least one of: 

suggesting revised database access control settings to a database administrator; 
automatically hardening the database for all times of day; 
automatically hardening the database selectively based on time of day; 
alerting a database administrator; and 

continuing to monitor accesses to the database after conclusion of the observing step. 
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10. (Original) The method of claim 9 wherein the database is automatically hardened 
using standard SQL commands. 

1 1 . (Original) The method of claim 9 wherein the database is automatically hardened 
using database specific application programming interfaces. 

12. (Canceled) 

13. (Canceled) 

14. (Currently amended) A computer-readable medium containing computer program 
instructions configured to empirically adjust access to a database, said computer program 
instructions performing the steps of: 

discovering authorized accesses to the database; 

observing actual accesses to the database until a preselected quantity of actual 

accesses have been observed ; 
comparing actual accesses with authorized accesses; and 

adjusting authorized database accesses taking into account results of the comparing 
step by changing settings within a database access control module of a 
computer-implemented database server to deny future database access to 
operations by certain users on database tables and columns that were 
previously authorized but were not observed during the observing step. 

15. (Currently amended) The computer-readable medium of claim 14 further 
comprising the step of generating and storing at least one third party report based upon observing 
actual accesses to the database. 

16. (Canceled) 

17. (Original) The computer-readable medium of claim 14 wherein the discovering 
step uncovers any: 

tables of the database; 
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columns of the database; 

authorized users of the database; 

views of the database; 

stored procedures of the database; 

user-defined functions of the database; and 

triggers of the database. 

18. (Previously presented) The computer-readable medium of claim 14 wherein the 
adjusting step further comprises at least one of: 

suggesting revised database access control settings to a database administrator; 
automatically hardening the database for all times of day; 
automatically hardening the database selectively based on time of day; 
alerting a database administrator; and 

continuing to monitor accesses to the database after conclusion of the observing step. 

19. (Original) The computer-readable medium of claim 1 8 wherein the database is 
automatically hardened using standard SQL commands. 

20. (Original) The computer-readable medium of claim 18 wherein the database is 
automatically hardened using database specific application programming interfaces. 

21. (Canceled) 

22. (Canceled) 

23. (New) Apparatus of claim 1, wherein the preselected quantity of actual accesses 
is sufficiently large that all expected functionalities of applications accessing the database are 
exercised. 

24. (New) The method of claim 5, further comprising: 

storing data generated by the observing of the actual accesses to the database in a 
storage area. 
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25. (New) The method of claim 5, further comprising: 

generating a map of which tables and columns of the database were accessed during 
the observing. 



26. (New) The method of claim 5, further comprising: 

monitoring actual accesses to the database during an extended period occurring after 

the preselected quantity of actual accesses have been observed; and 
generating an alert in real time regarding actual accesses that are observed during the 

extended period that were not observed within the preselected quantity of 

actual accesses. 
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